<?php
include_once('common/header.php');
if($AppUI->id <=0 || (isset($_SESSION['admin']) && ($_SESSION['admin']&1<<2)==0) || ($AppUI->id > 0 && $AppUI->type < 2)){
	$this->_redirect(isset($_SESSION[SESSION_BACKURL]) ? $_SESSION[SESSION_BACKURL] : HOST_BACKEND);
}
$strPassword 		= $objRequest->getParam('ppassword', '');
$strPasswordConf 	= $objRequest->getParam('ppassword_confirm', '');
$intAdminId			= $objRequest->getParam('padminid', 0);
$strUsername		= $objRequest->getParam('pusername', '');
$arrErr				= null;
if(trim($strPassword) == '') $arrErr[] = $arrLocale['password_required'];
if($strPassword != '' && (strlen($strPassword) < 5 || strlen($strPassword) > 30)) $arrErr[] = $arrLocale['password_minlength'];
if($strPassword != '' && $strPassword != $strPasswordConf) $arrErr[] = $arrLocale['password_notmatch'];
if($intError == 0) {
	if(isset($_SESSION['CHANGEPW_ERROR'])) unset($_SESSION['CHANGEPW_ERROR']);
	$objAdmin	= new Admin();
	$intError 	= $objAdmin->updatePassword($AppUI->id, $intAdminId, $strUsername, md5($strPassword));	
	if($intError > 0) {
		$arrErr[] = $arrError['noperm_changepw'];
	}
	else {
		Ecore_Function::setMsg($arrMessage['change_pw']);
		$this->_redirect(isset($_SESSION[SESSION_BACKURL]) ? $_SESSION[SESSION_BACKURL] : HOST_BACKEND);
	}
}
if(isset($arrErr)) {
	$_SESSION['CHANGEPW_ERROR']	= $arrErr[$intError];	
}
$this->_redirect(isset($_SESSION[SESSION_BACKURL]) ? $_SESSION[SESSION_BACKURL] : HOST_BACKEND . 'admin/changepw?adminid=' . $intAdminId);
